Tag: security

About

Computer security is an application of information security to both theoretical and actual computer systems. For the sake of simplicity, issues regarding privacy should be handled under the subject of information privacy rights. For the purpose of this article, Computer security is a branch of computer science concerned with risk management trade-offs in the areas of confidentiality, integrity and availability (see CIA Triad) of electronic information that is processed by or stored on computer systems.

The traditional approach is to create computing platforms, languages, and applications that enforce restrictions such that agents (i.e., users or programs) can only perform actions that have been allowed according to some specified Computer security policy. Computer security can also be seen as a subfield of security engineering, which looks at broader security issues in addition to computer security.

A secure system should still permit authorized users to carry out legitimate and useful tasks. It might be possible to secure a computer against misuse using extreme measures:
"The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards - and even then I have my doubts."
Eugene H. Spafford, director of the Purdue Center for Education and Research in Information Assurance and Security.

It is important to distinguish the techniques used to increase a system's security from the issue of that system's security status. In particular, systems which contain fundamental flaws in their security designs cannot be made secure without compromising their usability. Most computer systems cannot be made secure even after the application of extensive "computer security" measures. Furthermore, if they are made secure, functionality and ease of use often decreases.

From en.wikipedia.org/wiki/Computer_security

If you want to do command-line MySQL administration like restoring databases or dumping statistics, you need the root account and it's password. Or do you?

Sometimes when digging real deep into Windows like I recently had to, you need to have the Windows SID (Security Identifier) of a local user. I wasn't able to find any standard way of obtaining this info, so I wrote this little VBScript. Might help some people, might not. Putting this online anyway ;)

Let's say you want your local restricted users to be able to restart specific services. On linux you'd probably type visudo. In Windows I found, you have to dig a little deeper into the system and really do your research. I needed several sites, programs and articles. So I thought it might be useful to others if I'd bundle all the required information in one place. Here it is.

Deleting a file or reformatting a disk does not destroy your sensitive data. The data can easily be undeleted. That's a good thing if you accidentally throw something away, but what if your trying to destroy financial data, bank account passwords, or classified company information. What if you want to clean your computer before selling it for instance?

Making sure your system is up to date is a key attribute to it's security. Furthermore Ubuntu releases updates pretty often and you probably don't want to miss out on added stability and features. You could run updated manually, but why not schedule the updates in the background to make sure you are always running the latest stable versions, without ever having to worry about it.

Since 2005 there has been an immense increase in brute force SSH attacks and though Linux is pretty secure by default, it does not stop evil programs from indefinitely trying to login with different passwords. Without proper protection your server is a sitting duck waiting for a bot to guess the right combination and hit the jackpot. But with just 2 commands we can stop that.